6e72b4e9a2de3c4d9f2f1def92b5737bd5cd83810991790f1e917de36a0c3799 | Triage

Sharing

General

Target

6e72b4e9a2de3c4d9f2f1def92b5737bd5cd83810991790f1e917de36a0c3799
Size

52KB
Sample

240808-2eqlls1dpp
MD5

f234ad0379a5c3c8bc8313fda871d96a
SHA1

f9926d2b7c2e9043cb768680b08c3cb8708a0afb
SHA256

6e72b4e9a2de3c4d9f2f1def92b5737bd5cd83810991790f1e917de36a0c3799
SHA512

e63b7e3eafce318b47c9672d9296dd07c345d70fef00b47f581b18d064d4968bc826ba131d7401cc049b79863b798f6687444b0596c272ba6d3518f0cc0e1627
SSDEEP

384:GBt7Br5xjL9A7AgA71FbhvnIH2YsTKnKqtaW3WaEdW3WHY3SjSFvDlYglYm:W7BlphA7pARFbhvOsTKnKqtkYi+FveRm

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  6e72b4e9a2de3c4d9f2f1def92b5737bd5cd83810991790f1e917de36a0c3799
- Size
  
  52KB
- MD5
  
  f234ad0379a5c3c8bc8313fda871d96a
- SHA1
  
  f9926d2b7c2e9043cb768680b08c3cb8708a0afb
- SHA256
  
  6e72b4e9a2de3c4d9f2f1def92b5737bd5cd83810991790f1e917de36a0c3799
- SHA512
  
  e63b7e3eafce318b47c9672d9296dd07c345d70fef00b47f581b18d064d4968bc826ba131d7401cc049b79863b798f6687444b0596c272ba6d3518f0cc0e1627
- SSDEEP
  
  384:GBt7Br5xjL9A7AgA71FbhvnIH2YsTKnKqtaW3WaEdW3WHY3SjSFvDlYglYm:W7BlphA7pARFbhvOsTKnKqtkYi+FveRm
Score

9^/10

discovery ransomware
- Renames multiple (3773) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware